Page MenuHomeFreeBSD
Differential D10360

Use the execute-never bits on arm64
ClosedPublic
Actions

Authored by andrew on Apr 11 2017, 3:35 PM.
Tags
None
Referenced Files
F153299254: D10360.id.diff
Mon, Apr 20, 8:14 AM
F153242758: D10360.diff
Mon, Apr 20, 12:41 AM
F153242709: D10360.diff
Mon, Apr 20, 12:41 AM
F153195311: D10360.id27354.diff
Sun, Apr 19, 5:56 PM
Unknown Object (File)
Sun, Apr 12, 12:37 PM
Unknown Object (File)
Thu, Apr 9, 5:23 PM
Unknown Object (File)
Thu, Apr 9, 11:54 AM
Unknown Object (File)
Wed, Apr 8, 6:27 AM
View All Files
Subscribers
emaste
imp

Details

Reviewers
kib
alc
Group Reviewers
arm64
Commits
rS316734: Start to use the User and Privileged execute-never bits in the arm64
Summary

Start to use the User and Privileged execute-never bits. This sets both bits when entering an address we know shouldn't be executed.

I expect we could mark all userspace pages as Privileged execute-never to ensure the kernel doesn't branch to one of these addresses.

While here add the ARMv8.1 upper attributes.

Test Plan

Netboot on a ThunderX to multiuser.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 8698
Build 9032: CI src buildJenkins

Event Timeline

andrew created this revision.Apr 11 2017, 3:35 PM
Herald added subscribers: emaste, imp. · View Herald TranscriptApr 11 2017, 3:35 PM
Harbormaster failed remote builds in B8684: Diff 27354!Apr 11 2017, 3:40 PM
kib accepted this revision.Apr 11 2017, 4:52 PM
This revision is now accepted and ready to land.Apr 11 2017, 4:52 PM
Harbormaster failed remote builds in B8684: Diff 27354!Apr 11 2017, 5:12 PM
alc added inline comments.Apr 12 2017, 8:10 AM
sys/arm64/arm64/pmap.c
2433–2434

My impression is that r271716 would also apply to arm64.

andrew updated this revision to Diff 27377.Apr 12 2017, 11:49 AM
andrew edited edge metadata.

Update the check in pmap_protect to be the same as rS271716

This revision now requires review to proceed.Apr 12 2017, 11:49 AM
Harbormaster failed remote builds in B8698: Diff 27377!Apr 12 2017, 11:53 AM
alc accepted this revision.Apr 12 2017, 3:38 PM
This revision is now accepted and ready to land.Apr 12 2017, 3:38 PM
Closed by commit rS316734: Start to use the User and Privileged execute-never bits in the arm64 (authored by andrew). · Explain WhyApr 12 2017, 4:29 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
sys/
arm64/
arm64/
32 lines
include/
5 lines

Diff 27377

View Options

sys/arm64/arm64/pmap.c

Loading...
View Options

sys/arm64/include/pte.h

Loading...